Leaderboard

Popular Content

Showing content with the highest reputation on 06/30/2021 in all areas

  1. How about this one :

         #include <Array.au3>

         Local $string = "<a>1</a><b>2</b><c>3</c><d>4</d><e>5</e>|<a>1-1</a><b>2-1</b><c>3-1</c><d>4-1</d><e>5-1</e>|<a>1-2</a><b>2-2</b><c>3-2</c><d>4-2</d><e>5-2</e>|"
         Local $aArray = StringRegExp($string,"(?i)<a>(.{1,3})</a><b>.{1,3}</b><c>.{1,3}</c><d>.{1,3}</d><e>5-1</e>", 1)
         _ArrayDisplay($aArray)
    2 points
  2. Hi all,

     Recently one of my applications was slammed by a security researcher that it is EXTREMELY UNSAFE crap,... ignores all of Microsoft's security recommendations for the safe loading of DLLs and applications: It loads more than a dozen system DLLs from its "installation directory" (at Ordinary abusers typically use the "Downloads" directory instead of the Windows system directory C:\Windows\System32 and execute this with administrator rights; It executes any DLL, stupidly also with administrator rights, ie this SCHROTT allows "escalation of privilege".

     Or well that's what the rough translation is. Actual text (German, translated) is: is NASTY, UNSAFE junk ("Schrott")... that ignores all of Microsoft's security recommendations for the safe loading of DLLs and applications: it loads more than a dozen system DLLs from its "installation directory" (for the average misuser, typically the "Downloads" directory) instead of from the Windows system directory C:\Windows\System32 and runs them with administrator rights; it executes an arbitrary DLL, most stupidly also with administrator rights, i.e. this JUNK allows "escalation of privilege".

     For the first point. I'm only using 5 DllCalls. Does DLLCall check the Working Directory before System Directory, or even at all? (I don't know how to make DLLs, so I can't test.) If so, shouldn't it be made not the case by default to prevent DLL hijacking? If not, how can I better protect the end users? Are the built-in Includes also checking Working Directory before System Directory?

     For the second point, what is the best way to manage DLL and process privilege levels? I see AutoIt by default uses AsInvoker by default. Is there any way to easily adjust this script wide?

     Are there any other security concerns that I should be aware of? I have about 300k downloads currently as well, should I issue a security advisory or create a CVE for my application?

     Thanks in advance
    1 point
  3. I'm using a 64-bit OS and if I use the Compile Script or Compile Script (x86) options, Windows Defender flags it as a virus. I have to specifically use the Compile Script (x64) option. Maybe that'll help?
    1 point
  4. Mine is basically a wrapper for the Microsoft Win32 HttpAPI APIs. The benefit is that it is documented by Microsoft, there are numerous examples of its implementation on the web, and the Win32 APIs use HTTP standards for communication. This is another light-weight web server that is built upon a different framework. It might be even easier to implement than the HTTPAPI UDF because it is designed specifically around wrapping web services around AutoIt scripts.
    1 point
  5. What about this?

         #include <Array.au3>
         #include <MsgBoxConstants.au3>
         #include <StringConstants.au3>

         ;Local $aArray = 0, $iOffset = 1
         Local $string = "<a>1</a><b>2</b><c>3</c><d>4</d><e>5</e>|<a>1-1</a><b>2-1</b><c>3-1</c><d>4-1</d><e>5-1</e>|<a>1-2</a><b>2-2</b><c>3-2</c><d>4-2</d><e>5-2</e>|"

         Global $g_aStringSplit = StringSplit($string, Chr(124), $STR_NOCOUNT)
         For $i = 0 To (UBound($g_aStringSplit) - 1) Step 1
             If StringRegExp($g_aStringSplit[$i], '(?i)<a>(.*?)</a><b>(.*?)</b><c>(.*?)</c><d>(.*?)</d><e>5-1</e>', $STR_REGEXPMATCH) = 1 Then
                 Global $g_aArray = StringRegExp($g_aStringSplit[$i], '(?i)<a>(.*?)</a><b>(.*?)</b><c>(.*?)</c><d>(.*?)</d><e>(.*?)</e>', $STR_REGEXPARRAYMATCH)
                 _ArrayDisplay($g_aArray)
             EndIf
         Next

         ;~ While 1
         ;~     $aArray = StringRegExp($string, '(?i)<a>(.*?)</a><b>(.*?)</b><c>(.*?)</c><d>(.*?)</d><e>5-1</e>', $STR_REGEXPARRAYMATCH, $iOffset)
         ;~     If @error Then ExitLoop
         ;~     $iOffset = @extended
         ;~     For $i = 0 To UBound($aArray) - 1
         ;~         MsgBox($MB_SYSTEMMODAL, "RegExp Test with Option 1 - ", $aArray[0])
         ;~     Next
         ;~ WEnd

     I'm not the best with RegEX though. I'm sure you'll get some better solutions.
    1 point
  6. Hi everyone,

     I already posted an update yesterday where I mentioned that I have started work on the new parser which uses Flex and Bison to generate C code for parsing. So far the experience has been very nice, I am able to test and develop things very fast compared to doing it all on my own.

     I have completed the initial version of the tokenizer/scanner/lexer, it should be able to scan all tokens which could possibly occur in a valid script:

         %option noyywrap nodefault

         %{
         #include <stdlib.h>
         #include <string.h>

         char *token_str = NULL;
         size_t token_len = 0;
         size_t comment_level = 0;

         //#define YY_USER_ACTION free(token_str); token_str = strndup(yytext, token_len = yyleng);
         #define YY_USER_ACTION token_str = yytext; token_len = yyleng;

         enum { // Token Types
             UNKNOWN = 420,
             WS,
             COMMENT,
             DIRECTIVE,
             NUMBER,
             STRING,
             BOOL,
             WORD,
             MACRO,
             VARIABLE,
             OPERATOR,
             BRACKET,
             DOT,
             COMMA,
         };
         %}

         %x ML_COMMENT

         WS [ \t\r\n]+
         NL \r?\n?

         DIGIT [0-9]
         XDIGIT [0-9A-Fa-f]

         QUOTE [\'\"]

         %%
             /* Whitespace */
         {WS} ;

             /* Comment */
         <INITIAL,ML_COMMENT>"#cs"|"#comment-start"{WS} {BEGIN ML_COMMENT; ++comment_level;};
         <ML_COMMENT>"#ce"|"#comment-end" if (--comment_level == 0) BEGIN INITIAL;
         <ML_COMMENT>(?s:.) ;
         [;#][^\r\n]* return *yytext == ';' ? COMMENT : DIRECTIVE;

             /* Number */
         {DIGIT}+(\.{DIGIT}+(e{DIGIT}+)?)? return NUMBER;
         0[xX]{XDIGIT}+ return NUMBER;

             /* String */
         \"[^\n\"]*\" return STRING;
         \'[^\n\']*\' return STRING;

             /* Bool */
         (?i:"True"|"False") return BOOL;

             /* Word */
         [A-Za-z][A-Za-z0-9]* return WORD;

             /* Macro or Variable */
         [@$][A-Za-z][A-Za-z0-9]* return *yytext == '@' ? MACRO : VARIABLE;

             /* Operator */
         [+\-*/^&=<>?:] return OPERATOR;

             /* Misc */
         [[\]()] return BRACKET;
         \. return DOT;
         \, return COMMA;

             /* Catch-all for everything else */
         . return UNKNOWN;

         %%

         #include <stddef.h>
         #include <stdio.h>

         static void print_token(char *str, size_t len, int type) {
             puts("---### TOKEN ###---");
             char *token_type;
             switch (type) {
                 case UNKNOWN: token_type = "Unknown"; break;
                 case WS: token_type = "Whitespace"; break;
                 case COMMENT: token_type = "Comment"; break;
                 case DIRECTIVE: token_type = "Directive"; break;
                 case NUMBER: token_type = "Number"; break;
                 case STRING: token_type = "String"; break;
                 case BOOL: token_type = "Boolean"; break;
                 case WORD: token_type = "Word"; break;
                 case MACRO: token_type = "Macro"; break;
                 case VARIABLE: token_type = "Variable"; break;
                 case OPERATOR: token_type = "Operator"; break;
                 case BRACKET: token_type = "Bracket"; break;
                 case DOT: token_type = "Dot"; break;
                 case COMMA: token_type = "Comma"; break;
                 default: token_type = "Unnamed"; break;
             }
             fputs("Type: ", stdout);
             puts(token_type);
             fputs("Data: ", stdout);
             puts(str);
         }

         int main(void) {
             int type;
             for (;;) {
                 type = yylex();
                 if (!type) break;
                 print_token(token_str, token_len, type);
             }
             return 0;
         }

     I passed this "script" as the input:

         #cs
             #cs
             nested comment
             #ce
         #ce
         ; Calm Mints
         42 0xDEADBEEF 3.14 6.02214076e23
         "Hell'o World"
         '"To C or not to C"'
         True true fAlSe False tRUe
         @TheTruth
         $TheFact
         -((1 + 2) / 3) * 4

     And here is the output:

         ---### TOKEN ###---
         Type: Comment
         Data: ; Calm Mints
         ---### TOKEN ###---
         Type: Number
         Data: 42
         ---### TOKEN ###---
         Type: Number
         Data: 0xDEADBEEF
         ---### TOKEN ###---
         Type: Number
         Data: 3.14
         ---### TOKEN ###---
         Type: Number
         Data: 6.02214076e23
         ---### TOKEN ###---
         Type: String
         Data: "Hell'o World"
         ---### TOKEN ###---
         Type: String
         Data: '"To C or not to C"'
         ---### TOKEN ###---
         Type: Boolean
         Data: True
         ---### TOKEN ###---
         Type: Boolean
         Data: true
         ---### TOKEN ###---
         Type: Boolean
         Data: fAlSe
         ---### TOKEN ###---
         Type: Boolean
         Data: False
         ---### TOKEN ###---
         Type: Boolean
         Data: tRUe
         ---### TOKEN ###---
         Type: Macro
         Data: @TheTruth
         ---### TOKEN ###---
         Type: Variable
         Data: $TheFact
         ---### TOKEN ###---
         Type: Operator
         Data: -
         ---### TOKEN ###---
         Type: Bracket
         Data: (
         ---### TOKEN ###---
         Type: Bracket
         Data: (
         ---### TOKEN ###---
         Type: Number
         Data: 1
         ---### TOKEN ###---
         Type: Operator
         Data: +
         ---### TOKEN ###---
         Type: Number
         Data: 2
         ---### TOKEN ###---
         Type: Bracket
         Data: )
         ---### TOKEN ###---
         Type: Operator
         Data: /
         ---### TOKEN ###---
         Type: Number
         Data: 3
         ---### TOKEN ###---
         Type: Bracket
         Data: )
         ---### TOKEN ###---
         Type: Operator
         Data: *
         ---### TOKEN ###---
         Type: Number
         Data: 4

     Which is very similar if not exactly the same as what our old parser would have produced.

     The next step is to add support for including files (#include <...>) and then I will start work on the syntactic analysis, which is the actual "parsing" to convert list of words into actions.

     Hopefully I won't get held up by last time due to all the fatigue, using these tools should speed up the process significantly. Stay tuned for more updates this week!

     Source: https://forum.dtw.tools/d/28-easycodeit-update-flex-bison-parser
    1 point
  7. @rcmaehl you were mentioned here: https://www.dobreprogramy.pl/whynotwin11-sprawdz-czy-zainstalujesz-windows-11-i-dowiedz-sie-dlaczego-nie,6655486176307776a

     btw. I noticed a problem with selecting my language. Will dig into this but waiting for all PRs to be accepted/rejected, as I have a few other changes to do.
    1 point
  8. I would immediately move to another security researcher. The wording he uses to describe the security issues is extremely unprofessional. I would expect

       • a professional and detailed description of the security problems
       • a score for each issue based on a recognized rating scale
       • links to the security recommendations he refers to ("Microsoft's security recommendations for the safe loading of DLLs and applications")
       • detailed measures to address these security issues

     In my opinion this "security check and report" is Schrott.

     BTW: I work in IT-security, so I know what I'm talking about
    1 point
  9. Code Suggestions are Appreciated (especially #162) 👉👈
    1 point
  10. A couple discord servers the day of the announcement once I realized the official tool was 💩 and like 3 small reddit threads (< 50 karma)
    1 point
  11. Declare your path on the loading of a DLL. As default the OS (Windows) will load from current folder, then search in the path. So declare the path and do your own path search.

     Now, if someone can copy, just plain copy a DLL to where your app. is at, might as well do anything else to that PC. Or would it need your app. to load a DLL ?? If your app. is the installer, then there is the possibility of loading the wrong thing but it'd be very strange for such DLL to be just sitting there.

     Do change that "SCHROTT" to open the DLL with your own path declaration and use the handle for the calls. Change the WorkingDir to WindowsDir to avoid side loading ?

     Other than that, I would not do much. Maybe announce a new version, so the researcher feels happy he saved countless PCs.

     Unless you post a piece of code (the part that looks insecure), I would not know what else to say.
    1 point
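
One way to apply the "declare the path and use the handle" advice from the answer above, as an added example that is not part of any post on this page: it removes the working directory from the DLL search order, restricts later loads to System32 where the OS exports the API, and opens the DLL by absolute path. The helper names `_HardenDllSearch` and `_OpenSystemDll` are hypothetical; `SetDllDirectoryW` and `SetDefaultDllDirectories` are documented kernel32 functions.

```autoit
; Added example (not from the thread). Helper names are hypothetical.
Global Const $LOAD_LIBRARY_SEARCH_SYSTEM32 = 0x00000800 ; flag value from the Win32 headers

; Tighten the process-wide DLL search path for loads that happen after this call.
; Returns True if the working directory was removed from the search order.
Func _HardenDllSearch()
    Local $hKernel32 = DllOpen(@SystemDir & "\kernel32.dll")
    If $hKernel32 = -1 Then Return SetError(1, 0, False)

    ; An empty string removes the current working directory from the search order.
    Local $bCwdRemoved = False
    Local $aRet = DllCall($hKernel32, "bool", "SetDllDirectoryW", "wstr", "")
    If Not @error Then $bCwdRemoved = ($aRet[0] <> 0)

    ; Limit name-only loads to System32. On systems that do not export this
    ; function DllCall sets @error and the script simply continues.
    DllCall($hKernel32, "bool", "SetDefaultDllDirectories", "dword", $LOAD_LIBRARY_SEARCH_SYSTEM32)

    DllClose($hKernel32)
    Return $bCwdRemoved
EndFunc   ;==>_HardenDllSearch

; Open a system DLL by absolute path; refuse names that carry a path of their own.
Func _OpenSystemDll($sName)
    If StringRegExp($sName, '[\\/:]') Then Return SetError(1, 0, -1)
    Local $sPath = @SystemDir & "\" & $sName
    If Not FileExists($sPath) Then Return SetError(2, 0, -1)
    Return DllOpen($sPath) ; -1 on failure
EndFunc   ;==>_OpenSystemDll

_HardenDllSearch()
Local $hUser32 = _OpenSystemDll("user32.dll")
If $hUser32 <> -1 Then
    ; Every call goes through the handle, never through a bare file name.
    Local $aWidth = DllCall($hUser32, "int", "GetSystemMetrics", "int", 0) ; 0 = SM_CXSCREEN
    If Not @error Then ConsoleWrite("Screen width: " & $aWidth[0] & @CRLF)
    DllClose($hUser32)
EndIf
```

These calls only affect DLLs loaded after the script starts running; DLLs that the executable's own import table pulls in before the first script line are outside their reach.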
  12. As long as you loop for whatever object you are attempting to interact with, and not just try to grab it once, and assume you have it, I don't see what the issue is...do this kind of loop with ALL your object grabbing (of course, this is just a sample...add whatever _IE function you need, obviously)

         $iTimer = TimerInit()
         $oObj = _IEGetObjById($oIE, "yourID")
         While Not IsObj($oObj) And TimerDiff($iTimer)<5000
             sleep (100)
             $oObj = _IEGetObjById($oIE, "yourID")
         WEnd
         If IsObj($oObj) Then
             MsgBox(1,1,"ABLE to grab object within 5 seconds")
         Else
             MsgBox(1,1,"unable to grab object within 5 seconds")
         EndIf

     then, you can get fancy, and create encapsulating functions for all that you need, so you don't need repeating blocks of code:

         Func _WaitFor_IEGetObjById($oCallersIE, $iCallersID, $iCallersMaxWaitMilSec = 5000)
             ConsoleWrite("Func[_WaitFor_IEGetObjById]: Start with params=[IsObj(" & $oCallersIE & ")," & $iCallersID & "," & $iCallersMaxWaitMilSec & "]." & @CRLF)
             $iTimer = TimerInit()
             $oObj = _IEGetObjById($oCallersIE, $iCallersID)
             ; Poll until the object exists or the caller's timeout expires
             While Not IsObj($oObj) And TimerDiff($iTimer) < $iCallersMaxWaitMilSec
                 Sleep(100)
                 $oObj = _IEGetObjById($oCallersIE, $iCallersID)
             WEnd
             If IsObj($oObj) Then
                 ConsoleWrite("Func[_WaitFor_IEGetObjById]: Found callers ID=[" & $iCallersID & "]." & @CRLF)
                 Return $oObj
             Else
                 ConsoleWrite("Func[_WaitFor_IEGetObjById]: UNable to find callers ID=[" & $iCallersID & "] within milliseconds=[" & $iCallersMaxWaitMilSec & "]." & @CRLF)
                 Return False
             EndIf
         EndFunc   ;==>_WaitFor_IEGetObjById

     you can even make one function...as long as they accept the proper params (or create array to hold the params...then can be any number) AND they do not have by-ref variables:

         If $bContinue Then
             $oObject4 = _WaitFor_IEObj($oIE, "_IEGetObjById", 4)
             $bContinue = IsObj($oObject4)
             ; your action
         EndIf

         Exit

         Func _WaitFor_IEObj($oCallersIE, $sCallerIEFuncName, $iCallersIdentifier, $iCallersMaxWaitMilSec = 5000)
             ConsoleWrite("Func[_WaitFor_IEGetObjById]: Start with params=[IsObj(" & $oCallersIE & ")," & $sCallerIEFuncName & "," & $iCallersIdentifier & "," & $iCallersMaxWaitMilSec & "]" & @CRLF)
             $iTimer = TimerInit()
             ; Call() dispatches to the _IE function named by the caller
             $oObj = Call($sCallerIEFuncName, $oCallersIE, $iCallersIdentifier)
             While Not IsObj($oObj) And TimerDiff($iTimer) < $iCallersMaxWaitMilSec
                 Sleep(500)
                 $oObj = Call($sCallerIEFuncName, $oCallersIE, $iCallersIdentifier)
             WEnd
             If IsObj($oObj) Then
                 ConsoleWrite("Func[_WaitFor_IEGetObjById]: Found callers ID=[" & $iCallersIdentifier & "]" & @CRLF)
                 Return $oObj
             Else
                 ConsoleWrite("Func[_WaitFor_IEGetObjById]: UNable to find callers ID=[" & $iCallersIdentifier & "]" & @CRLF)
                 Return False
             EndIf
         EndFunc   ;==>_WaitFor_IEObj
    1 point
  13. Based on the parameters I would say AutoIt uses ExitWindowsEx for Shutdown() (and indeed it does in the old source). On that page you can see that shutdown includes a power-off in WinXP SP1 and later, so for most computers that people use today there is no difference.
    1 point
  14. Write a code file in your @ScriptDir like

     hello.vb

         Imports System.Collections.Generic
         Imports System.Text
         Imports System.Runtime.InteropServices

         Namespace myDotNetLibrary
             <ClassInterface(ClassInterfaceType.AutoDual)> _
             Public Class myDotNetClass
                 Private myProperty As String

                 Public Sub New()
                 End Sub

                 Public Function myDotNetMethod(input As String) As String
                     Return "Hello " & input
                 End Function

                 Public Property myDotNetProperty() As String
                     Get
                         Return myProperty
                     End Get
                     Set(ByVal value As String)
                         myProperty = value
                     End Set
                 End Property
             End Class
         End Namespace

     and run it from your AutoIt script

         $vbc = "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\vbc.exe" ; check the path of your version
         $RegAsm = "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" ; check the path of your version

         RunWait($vbc & " /target:library hello.vb", @ScriptDir, @SW_HIDE) ; compile the .net DLL
         RunWait($RegAsm & " /codebase hello.dll", @ScriptDir, @SW_HIDE) ; register the .net DLL

         $obj = ObjCreate("myDotNetLibrary.myDotNetClass")
         $obj.myDotNetProperty = "AutoIt-World"
         ConsoleWrite("! " & $obj.myDotNetMethod($obj.myDotNetProperty) & @CRLF)

         RunWait($RegAsm & " /unregister hello.dll", @ScriptDir, @SW_HIDE) ; unregister the .net DLL

     Ditto for C#:

     multsub.cs

         using System;
         using System.Collections.Generic;
         using System.Runtime.InteropServices;

         namespace myCSLibrary
         {
             [ClassInterface(ClassInterfaceType.AutoDual)]
             public class MultSubClass
             {
                 private int myProperty;

                 public MultSubClass()
                 {
                 }

                 public int mult2(int input)
                 {
                     return 2 * input;
                 }

                 public int sub1(int input)
                 {
                     return input - 1;
                 }

                 public int myDotNetProperty
                 {
                     get { return myProperty; }
                     set { myProperty = value; }
                 }
             }
         }

     and the AutoIt script:

         $csc = "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\csc.exe" ; check the path of your version
         $RegAsm = "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" ; check the path of your version

         RunWait($csc & " /target:library multsub.cs", @ScriptDir, @SW_HIDE) ; compile the .net DLL
         RunWait($RegAsm & " /codebase multsub.dll", @ScriptDir, @SW_HIDE) ; register the .net DLL

         $obj = ObjCreate("myCSLibrary.MultSubClass")
         $obj.myDotNetProperty = 3
         ConsoleWrite("! " & $obj.sub1($obj.mult2($obj.sub1($obj.mult2($obj.myDotNetProperty)))) & @CRLF)

         RunWait($RegAsm & " /unregister multsub.dll", @ScriptDir, @SW_HIDE) ; unregister the .net DLL

     Tested with Windows XP SP3 and .net Framework 3.5/4

     Paul

     DotNetDLLs.zip
    1 point
  15. Hi paulpmeier,

     what a shame that I've never seen this thread before. I like this idea, to make NET available with AutoIt. Because of that, I felt free to cast this into a function - hope you like it.

     The function loads a given .vb or .cs file and registers the related dll file. On AutoIt exit or a new call of this function, the dll will be unregistered. I've implemented an automatic NET detection. On my system (Win7 pro, 32bit, SP1) the required files are only included in NET2.0 and 4.0. Because of that, I ask only for this installation folder.

     Here is the function:

     Now your example looks like this:

     But now I've a question: To create own classes and use them - it works fine. Have you always tried to get access to existing NET classes in this way?

     NETFramework0.1.au3
    1 point